Skip to main content
Best News Website or Mobile Service
WAN-IFRA Digital Media Awards Worldwide 2022
Best News Website or Mobile Service
Digital Media Awards Worldwide 2022
Hamburger Menu

Advertisement

Advertisement

Singapore

Singapore recommends safety standards for apps that carry out high-risk monetary transactions

Singapore recommends safety standards for apps that carry out high-risk monetary transactions

(File photo: iStock)

New: You can now listen to articles.

This audio is generated by an AI tool.

  • CSA's new recommended Safe App Standard will set out best practices that reduce the risk of malicious actors exploiting weaknesses in the app design 
  • IMDA has also published advisory guidelines for telcos to protect vulnerable consumers and prevent them from being tricked into signing up and footing the bills for phone lines used for scams
  • MCI and A*STAR will launch a new research centre to build capabilities for a safer internet

SINGAPORE: Safety recommendations for apps that carry out high-risk monetary transactions to guard against scams were announced on Wednesday (Jan 10) by the Ministry of Communications and Information (MCI). 

The new recommended Safe App Standard was published by the Cyber Security Agency (CSA), and will set out best practices that reduce the risk of malicious actors exploiting weaknesses in the app design, said Minister for Communications and Information Josephine Teo, making the announcement during a motion in parliament on building an inclusive and safe digital society. 

For example, apps could be designed to need additional authentication of a user before authorising high-risk transactions, such as those that provide access to an individual’s assets or savings, she said. 

CSA’s standards also recommend that developers build in malware detection capabilities on their apps, since this has proven to be effective in disrupting scammers’ unauthorised transactions using compromised devices, she added. 

The authority will incorporate more of these practices in the recommendations as they emerge, or as technologies evolve, said Mrs Teo. It will also consider how to help end-users identify apps that meet the standards. 

Since the standard is new, the government will assess its usefulness and decide whether to keep it voluntary or make it mandatory, said Mrs Teo. 

The Infocomm Media Development Authority (IMDA) has also published advisory guidelines for telcos to protect vulnerable consumers, to strengthen safeguards against being tricked into signing up and footing the bills for phone lines used for scams, she announced. 

The guidelines call for measures to help frontline staff identify vulnerable consumers while they are signing up for services and handle cases of suspected exploitation, said Mrs Teo. They also encourage telcos to waive charges for vulnerable consumers who have fallen victim to scams. 

39:54 Min

Singapore is issuing new app guidelines to better protect high-risk monetary transactions made online. The Safe App Standard will help app developers “design for security”, Communications and Information Minister Josephine Teo told Parliament on Wednesday (Jan 10). It sets out best practices to reduce the risk of malicious actors exploiting weaknesses in app design. These could include requiring additional user authentication and built-in malware detection capabilities. The standard will be voluntary for now but could be made mandatory if it is determined to be useful. Guidelines have also been introduced to help telcos protect vulnerable consumers from being tricked into signing up and footing bills for phone lines used for scams. Frontline staff are advised on how to identify at-risk consumers and handle cases of suspected exploitation. Telcos are also encouraged to waive charges for scam victims. A centre is also being launched by MCI and A*STAR to build up capabilities for a safer Internet, working with research partners, companies and other practitioners. These capabilities could include tools and measures to detect harmful content like deepfakes and false claims, inject watermarks or trace the origin of digital content, and empower vulnerable groups with resources to verify information they find online. The research efforts will also help inform new legislation or regulations to address issues like deepfakes, said Mrs Teo.

MCI and A*STAR will launch the Centre for Advanced Technologies in Online Safety, which will be a platform for Singapore’s community of research partners, companies and practitioners to build capabilities for a safer internet, the Communications and Information Minister announced.

This could include tools and measures to detect harmful content such as deepfakes and non-factual claims, inject watermarks or trace the origin of digital content, and help vulnerable groups to verify information they encounter online. 

These research efforts will also inform new legislation or regulations Singapore may need for issues like deepfakes, she added. 

WHY THIS MATTERS

Since apps are the most common way to transact online, app developers should design for security, said Mrs Teo. 

Developers should adopt the recommendations to ensure that high-risk monetary transactions performed on their apps are secure, she added. 

Of all the risks in the digital domain, scams are particularly concerning, said Mrs Teo. 

“These days, scammers use technology to sell fake jobs, fake love, and fake discounted items like eggs or holiday packages. Through variety, speed and scale, they have claimed more victims than before.”     

In 2022, the Singapore Police Force established the AntiScam Command. It froze more than 9,000 bank accounts and recovered about S$50.8 million of victims’ losses in the first half of 2023, said Mrs Teo. 

Singapore also needs new capabilities to keep pace with scammers and online risks, she added. 

Last month, a video purportedly showing Prime Minister Lee Hsien Loong promoting an investment product emerged online, underscoring the pitfalls of artificial intelligence and its use to spread misinformation.

At the time, Mr Lee warned members of the public about “completely bogus” videos, and asked them not to respond to scam videos promising guaranteed returns on investments or giveaways. 

LAWMAKERS’ CONCERNS 

More than 20 Members of Parliament (MPs) rose to speak during the motion, which asked that parliament reaffirm its commitment to adopt a whole-of-nation approach to sustain trust by building an inclusive and safe digital society. 

The motion was tabled by the Government Parliamentary Committee (GPC) for Communications and Information, with 13 specific demands to the government. 

MPs from both sides of the house raised concerns and made suggestions: 

  • Banks could do more to protect against and detect scams 
  • Dangers of AI misuse and pre-emptively dealing with deepfakes
  • Malware scams and what manufacturers can do

Banks appear to be taking more steps to prevent scams and stop those in progress, but they have healthy profits and the resources to do more, said Workers’ Party MP Sylvia Lim (WP-Aljunied). 

“I would not like to exaggerate the situation, but I would say that we are moving towards a crisis of confidence in digital banking without stronger intervention by government regulators,” she added, noting that customers also have a part to play. 

When banks expect individual customers to “fend for themselves”, this will deter those individuals from becoming active participants in a digital society, said Ms Hany Soh (PAP-Marsiling-Yew Tee), stressing that fending off scams should be a joint responsibility. 

“Banks could and should do more to contribute, such as adopting better anti-phishing solutions, improving authenticity verification, and being extra vigilant towards abnormal transactions to keep accounts secure and prevent the likelihood of scams.” 

Referencing the deepfake video of Mr Lee, Mr Tan Wu Meng (PAP-Jurong) noted that deepfakes become more authentic as technology becomes more advanced. 

The government should look at ways to electronically watermark content, or help individuals confirm that the content is real and human, he added. 

“The issue of deepfakes is going to be a serious matter for democracies around the world. Because if we can no longer discern easily what is real and not real, you can’t even have a functioning democracy.” 

GOVERNMENT’S RESPONSE 

Singapore will soon update its recommendations on dealing with AI risks, said Mrs Teo, responding to MPs who expressed concerns on the matter. 

“For example, we’re very concerned about the misuse of generative AI to spread misinformation and carry out targeted scams,” she added. 

“Mitigating biases and enhancing the explainability of AI models are also crucial to developing and deploying them responsibly.” 

Mrs Teo also responded to WP MPs calling scams “a crisis of confidence”, stressing that fighting scams is “thankless work”. 

She compared the WP members to bystanders watching firefighters put out a fire, “pontificating” and telling the firefighters what they should do. 

WP’s Ms Lim came forward to explain that she had received feedback from residents who want to take their accounts offline, and others ignore official communications because they cannot tell if the messages are authentic. 

“I would argue that there is a serious issue with public confidence,” she continued, acknowledging the work of the agencies fending off scams. 

In response, Mrs Teo urged MPs to avoid using “sensational, glaring headlines” on social media following the debate on the motion. 

“I would very much appreciate if we can keep our efforts focused on the actual things that will make a difference.” 

Source: CNA/hw(gr)

Advertisement

Also worth reading

Advertisement